Unrated severityNVD Advisory· Published Dec 31, 2003· Updated Apr 16, 2026

CVE-2003-1386

Description

AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.

Affected products

Axis/2400 Video Server5 versions
cpe:2.3:h:axis:2400_video_server:2.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:h:axis:2400_video_server:2.0:*:*:*:*:*:*:*
- cpe:2.3:h:axis:2400_video_server:2.20:*:*:*:*:*:*:*
- cpe:2.3:h:axis:2400_video_server:2.31:*:*:*:*:*:*:*
- cpe:2.3:h:axis:2400_video_server:2.32:*:*:*:*:*:*:*
- cpe:2.3:h:axis:2400_video_server:2.33:*:*:*:*:*:*:*
Axis/2401 Video Server4 versions
cpe:2.3:h:axis:2401_video_server:2.20:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:h:axis:2401_video_server:2.20:*:*:*:*:*:*:*
- cpe:2.3:h:axis:2401_video_server:2.31:*:*:*:*:*:*:*
- cpe:2.3:h:axis:2401_video_server:2.32:*:*:*:*:*:*:*
- cpe:2.3:h:axis:2401_video_server:2.33:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000